Forked from jzwiep/docker_compose_assume_iam_role.sh
Created
January 25, 2024 15:52
-
-
Save baydakovss/a8c05c485fbe90420da7b4b3677089db to your computer and use it in GitHub Desktop.
Assume a specific IAM role with a container via docker-compose
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Assume the role using locally configured AWS credentials, then pass the assumed role to the container via environment | |
| # variables! | |
| ASSUMED_ROLE=$(aws sts assume-role \ | |
| --role-arn "arn:aws:iam::000000000000:role/our-role-to-assume" \ | |
| --role-session-name "session_name" \ | |
| --output text) | |
| # 'docker-compose exec' seems to set the shell width incorrectly, here we overcome that by manually setting COLUMNS and | |
| # LINES! | |
| docker-compose exec \ | |
| -e COLUMNS=$(tput cols) \ | |
| -e LINES=$(tput lines) \ | |
| -e AWS_ACCESS_KEY_ID=$(echo $ASSUMED_ROLE | awk '{print $5}') \ | |
| -e AWS_SECRET_ACCESS_KEY=$(echo $ASSUMED_ROLE | awk '{print $7}') \ | |
| -e AWS_SESSION_TOKEN=$(echo $ASSUMED_ROLE | awk '{print $8}') \ | |
| container_name bash |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment